Office 365 uses encryption in two ways: in the service, and as a customer control. In the service, encryption is used in Office 365 by default. If you want to increase the security level of messaging and protect extremely sensitive data, we will provide implementation services to email encryption and rights protection capabilities.

    Get secure email messaging implemented in your organization. With the new Office 365 Message Encryption (OME) capabilities, which leverage the protection features in Azure Information Protection, your organization can easily share protected email with anyone, on any device. Users can send and receive protected messages with other Office 365 organizations as well as non-Office 365 customers using, Gmail, and other email services.

    Our objective is to enable OME -- Office 365 Message Encryption -- in your Office 365 tenant and provide instruments to control sensitive data with flexible policies or ad hoc customer controls that are built into Office 365.

    An implementation project will be considered successful when you:

    1. start to send encrypted email from any device
    2. easily navigate through encrypted messages
    3. deliver encrypted email directly to recipients' inboxes
    4. decrypt and read encrypted email with confidence, without installing client software
    5. enjoy simplified user management that eliminates the need for certificate maintenance

    IT Partner responsibilities #

    • Set up Office Message Encryption (OME) in Office 365
    • Create mail flow rules that define the conditions for encryption
    • Bring your own key (BYOK) settings, if needed

    Client responsibilities #

    • Provide a dedicated point of contact responsible for working with IT Partner and coordinate any outside vendor resources and schedules, if needed
    • Configure all networking equipment, such as load balancers, routers, firewalls, and switches
    • If Microsoft Outlook or other desktop email clients are to be used for connectivity to Office 365, tuning email software on client workstations

    Outside the scope of this project (additional cost items) #

    • Mail migration services to Office 365
    • AD & group policy settings

    Upon completion of the engagement, we will provide a Project Closeout Report. This document will indicate final project status, including evidence of meeting acceptance criteria, outstanding issues, if any, and final budget. If you want more extensive documentation, this can be provided for an additional fee.

    Prerequisites #

    • You must have global admin level access to the source Office 365 tenant
    • You must have global admin level access to the destination Office 365 tenant, with Exchange Online licenses available

    To use the new OME capabilities, you need one of the following plans:

    • Office 365 Message Encryption is offered as part of Office 365 E3 and E5, Microsoft E3 and E5, Office 365 A1, A3, and A5, and Office 365 G3 and G5. Customers do not need additional licenses to receive the new protection capabilities powered by Azure Information Protection.
    • You can also add Azure Information Protection Plan 1 to the following plans to receive the new Office 365 Message Encryption capabilities: Exchange Online Plan 1, Exchange Online Plan 2, Office 365 F1, Office 365 Business Essentials, Office 365 Business Premium, or Office 365 Enterprise E1
    • Each user benefiting from Office 365 Message Encryption needs to be licensed to be covered by the feature
    • For the full list, see the Exchange Online service descriptions for Office 365 Message Encryption

    Plan #

    May vary depending on your needs.

    1. Kickoff meeting
    2. Pre-implementation system health check
    3. Configuring OME and additional tools
    4. Setting up Exchange Online Transport Rules
    5. Verifying email encryption
    6. Posting implementation tasks

    Results #

    You will be able to use Office 365 Message Encryption (OME) capabilities that protect your mails and mail flow rules that define the conditions for encryption. Your email recipients should be able to receive and reply to your secure emails using any device, with any email client.

    Relevant articles #

    Related services

    CIO on Demand

    Our CIO on Demand service provides an affordable way to inject some CIO leadership or coaching into businesses that cannot afford an expensive, full-time CIO.

    Free Office 365 Security Assessment

    Small- and medium-sized businesses have to deal with the same cyberattacks and the same industry and government data regulations as large companies, but without the big IT department and budget to plan and implement protective measures. Migration to the cloud helps, but still leaves some very important vulnerabilities, like social engineering-based attacks. We will help you evaluate how secure your business data is and propose concrete steps to fix the vulnerabilities.